[SERVER-44721] Shell KMS AWS support cannot decrypt responses - MongoDB Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Blocker - P1
Resolution: Fixed
Affects Version/s: 4.2.0, 4.2.1
Fix Version/s: 4.2.2, 4.3.2
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v4.2
Sprint:
Security 2019-12-02
Linked BF Score:
46

Description

On November 13, 2019, AWS added a new field EncryptionResponse to the decrypt message response from KMS. This is not documented here as of the filing of this ticket.

EncryptionAlgorithm: "SYMMETRIC_DEFAULT",

As a result, 4.2.0, and 4.2.1 shell cannot work with AWS KMS

Attachments

Issue Links

is documented by

DOCS-13231 SERVER-44721: Change in AWS KMS response object breaks shell field level encryption

Closed

Activity

People

Assignee:: Mark Benvenuto

Reporter:: Mark Benvenuto

Participants:: Githook User, Kenneth White, Mark Benvenuto

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Dates

Created:: Nov 18 2019 08:57:07 PM UTC

Updated:: Nov 20 2019 06:01:05 AM UTC

Resolved:: Nov 19 2019 05:59:37 PM UTC